fix(test): update travis and e2e selfSignedCert fn

- add go.mod/go.sum
- update .travis.yml to test against supported Go versions
- drop golint from CI checks

To satisfy modern Go crypto in the tlsrouter e2e_test.go:
- bump RSA keysize to minimum 2048 bits
- set NotBefore to valid recent timestamp
- include CommonName in SANs

Signed-off-by: Dominic Evans <[email protected]>

1 files changed, 4 insertions, 4 deletions

diff --git a/cmd/tlsrouter/e2e_test.go b/cmd/tlsrouter/e2e_test.go
index c53e8c5..92551e2 100644
--- a/cmd/tlsrouter/e2e_test.go
+++ b/cmd/tlsrouter/e2e_test.go
@@ -182,7 +182,7 @@ func serveTLS(t *testing.T, value string, understandProxy bool, domains ...strin
 }
 
 func selfSignedCert(domains []string) (tls.Certificate, *x509.CertPool, error) {
-	pkey, err := rsa.GenerateKey(rand.Reader, 512)
+	pkey, err := rsa.GenerateKey(rand.Reader, 2048)
 	if err != nil {
 		return tls.Certificate{}, nil, err
 	}
@@ -192,16 +192,16 @@ func selfSignedCert(domains []string) (tls.Certificate, *x509.CertPool, error) {
 			Organization: []string{"Test Co"},
 			CommonName:   domains[0],
 		},
-		NotBefore:             time.Time{},
+		NotBefore:             time.Now().Add(-5 * time.Minute),
 		NotAfter:              time.Now().Add(60 * time.Minute),
 		IsCA:                  true,
 		KeyUsage:              x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
 		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
 		BasicConstraintsValid: true,
-		DNSNames:              domains[1:],
+		DNSNames:              domains[:],
 	}
 
-	derBytes, err := x509.CreateCertificate(rand.Reader, template, template, &pkey.PublicKey, pkey)
+	derBytes, err := x509.CreateCertificate(rand.Reader, template, template, pkey.Public(), pkey)
 	if err != nil {
 		return tls.Certificate{}, nil, err
 	}